We have just finished successfully testing the Debian drupal5 5.17-1 package on the 2009.03 release, and have updated our package archive to include it.

Drupal 5.17 is not considered a security release by Debian, but does fix a cross-site-script (XSS) vulnerability, as well as other maintenance issues. Those interested in upgrading should do so manually:

apt-get update
apt-get install drupal5

Enjoy!